Lucene search
HistoryMay 04, 2023 - 9:15 p.m.
CVE-2023-21487
telephony framework
access control
local attackers
call setting
CVSS3
3.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
AI Score
5.1
Confidence
High
EPSS
0
Percentile
5.1%
Improper access control vulnerability in Telephony framework prior to SMR May-2023 Release 1 allows local attackers to change a call setting.
Affected configurations
Node
samsungandroidMatch11.0-
ORsamsungandroidMatch11.0smr-apr-2021-r1
ORsamsungandroidMatch11.0smr-apr-2022-r1
ORsamsungandroidMatch11.0smr-aug-2021-r1
ORsamsungandroidMatch11.0smr-aug-2022-r1
ORsamsungandroidMatch11.0smr-dec-2020-r1
ORsamsungandroidMatch11.0smr-dec-2021-r1
ORsamsungandroidMatch11.0smr-dec-2022-r1
ORsamsungandroidMatch11.0smr-feb-2021-r1
ORsamsungandroidMatch11.0smr-feb-2022-r1
ORsamsungandroidMatch11.0smr-feb-2023-r1
ORsamsungandroidMatch11.0smr-jan-2021-r1
ORsamsungandroidMatch11.0smr-jan-2022-r1
ORsamsungandroidMatch11.0smr-jul-2021-r1
ORsamsungandroidMatch11.0smr-jul-2022-r1
ORsamsungandroidMatch11.0smr-jun-2021-r1
ORsamsungandroidMatch11.0smr-jun-2022-r1
ORsamsungandroidMatch11.0smr-mar-2021-r1
ORsamsungandroidMatch11.0smr-mar-2022-r1
ORsamsungandroidMatch11.0smr-may-2021-r1
ORsamsungandroidMatch11.0smr-may-2022-r1
ORsamsungandroidMatch11.0smr-nov-2021-r1
ORsamsungandroidMatch11.0smr-nov-2022-r1
ORsamsungandroidMatch11.0smr-oct-2021-r1
ORsamsungandroidMatch11.0smr-oct-2022-r1
ORsamsungandroidMatch11.0smr-sep-2021-r1
ORsamsungandroidMatch11.0smr-sep-2022-r1
ORsamsungandroidMatch12.0-
ORsamsungandroidMatch12.0smr-apr-2022-r1
ORsamsungandroidMatch12.0smr-aug-2022-r1
ORsamsungandroidMatch12.0smr-dec-2021-r1
ORsamsungandroidMatch12.0smr-dec-2022-r1
ORsamsungandroidMatch12.0smr-feb-2022-r1
ORsamsungandroidMatch12.0smr-feb-2023-r1
ORsamsungandroidMatch12.0smr-jan-2022-r1
ORsamsungandroidMatch12.0smr-jul-2022-r1
ORsamsungandroidMatch12.0smr-jun-2022-r1
ORsamsungandroidMatch12.0smr-mar-2022-r1
ORsamsungandroidMatch12.0smr-may-2022-r1
ORsamsungandroidMatch12.0smr-nov-2021-r1
ORsamsungandroidMatch12.0smr-nov-2022-r1
ORsamsungandroidMatch12.0smr-oct-2022-r1
ORsamsungandroidMatch12.0smr-sep-2022-r1
ORsamsungandroidMatch13.0-
ORsamsungandroidMatch13.0smr-apr-2023-r1
ORsamsungandroidMatch13.0smr-dec-2022-r1
ORsamsungandroidMatch13.0smr-feb-2023-r1
ORsamsungandroidMatch13.0smr-jan-2023-r1
ORsamsungandroidMatch13.0smr-mar-2023-r1
ORsamsungandroidMatch13.0smr-nov-2022-r1
ORsamsungandroidMatch13.0smr-oct-2022-r1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| samsung | android | 11.0 | cpe:2.3:o:samsung:android:11.0:-:*:*:*:*:*:* |
| samsung | android | 11.0 | cpe:2.3:o:samsung:android:11.0:smr-apr-2021-r1:*:*:*:*:*:* |
| samsung | android | 11.0 | cpe:2.3:o:samsung:android:11.0:smr-apr-2022-r1:*:*:*:*:*:* |
| samsung | android | 11.0 | cpe:2.3:o:samsung:android:11.0:smr-aug-2021-r1:*:*:*:*:*:* |
| samsung | android | 11.0 | cpe:2.3:o:samsung:android:11.0:smr-aug-2022-r1:*:*:*:*:*:* |
| samsung | android | 11.0 | cpe:2.3:o:samsung:android:11.0:smr-dec-2020-r1:*:*:*:*:*:* |
| samsung | android | 11.0 | cpe:2.3:o:samsung:android:11.0:smr-dec-2021-r1:*:*:*:*:*:* |
| samsung | android | 11.0 | cpe:2.3:o:samsung:android:11.0:smr-dec-2022-r1:*:*:*:*:*:* |
| samsung | android | 11.0 | cpe:2.3:o:samsung:android:11.0:smr-feb-2021-r1:*:*:*:*:*:* |
| samsung | android | 11.0 | cpe:2.3:o:samsung:android:11.0:smr-feb-2022-r1:*:*:*:*:*:* |
Related
cve
cve
CVE-2023-21487
2023-05-04 21:15:09
prion
prion
Improper access control
2023-05-04 21:15:00
cvelist
cvelist
CVE-2023-21487
2023-05-04 00:00:00
CVSS3
3.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
AI Score
5.1
Confidence
High
EPSS
0
Percentile
5.1%
Related for NVD:CVE-2023-21487